Blog

Archive for
June 2011

Shawn Mitchell writes: If you’ve ever tracked a growing number of assets with a spreadsheet, you’re familiar with the chaos. Efficient business operation and gaining a competitive advantage are both hindered when your asset tracking is out of control. As assets become more involved with an organization’s processes, the impact of misplaced assets or off-track locations becomes more severe.

Amit Klein writes: We have uncovered a SpyEye configuration that targets users of two leading European airline travel Web sites: Air Berlin, the second largest airline in Germany (after Lufthansa) and AirPlus, the global provider of business travel services for companies. SpyEye exploits the user’s machine, not the websites, to carry out this fraud.

“In light of the weeks denial of service attack on the websites belonging to the CIA and the US Senate, UK public sector organisations are reminded of the critical importance of guarding their online perimeter,” said Tom Turner, senior vice president of marketing and channels for Q1 Labs.

SecurEnvoy co-founder Steve Watts discusses the fall-out from the RSA systems hack in March and offers some words of advice on how best to handle the consequences...

The high-profile hack of EMC's RSA division, which resulted in questions being raised about the security of the SecurID hardware authentication system, and the eventual replacement of some 40 million tokens - a process that started in June and is likely to continue for some months - is a game changer on several levels.

Amichai Shulman writes: “Today, Imperva released a report on search engine poisoning. Search Engine Poisoning attacks manipulate, or “poison”, search engines to display search results that contain references to malware-delivering websites. There are a multitude of methods to perform SEP: taking control of popular websites; using the search engines’ “sponsored” links to reference malicious sites; and injecting HTML code. Here’s a graphic explaining how it works: